7b064bd70bd1bf674731c8ddd47dc8bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b064bd70bd1bf674731c8ddd47dc8bf
Size

62KB
MD5

7b064bd70bd1bf674731c8ddd47dc8bf
SHA1

34342c8d2fbaf92f80a96b794025f2835980d073
SHA256

dd1e421bfddeecd78b7c4ecfc45e4bc8896a351a6c4c1eba4e36cd889fe4f8e0
SHA512

fbdf36daa0db42b03a68765c623ac2906993ef421eab43735a16c5a1948702ebed499410eaddd2ee9f51bdeb10c992401a15ebe97177aa79cdb26f404ff7b326
SSDEEP

1536:/F8/Rqfi1LyD30xB+E/ImBQu1GUQOYqCtByV:/KUq9yj8BDQmCuBCttByV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b064bd70bd1bf674731c8ddd47dc8bf

Files

7b064bd70bd1bf674731c8ddd47dc8bf
.exe windows:4 windows x86 arch:x86

937a451b37e804f965eae1bdd83f40df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
VirtualFree
ReadFile
CloseHandle
VirtualAlloc
GetFileSize
CreateFileA
FreeResource
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GlobalFree
LoadLibraryExA
GlobalAlloc
WinExec
GetTempPathA
GetSystemDirectoryA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap

user32

wvsprintfA

Sections

.text
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ